Apache::CodeRed - Responds to CodeRed worm attacks with e-mail warnings
In your httpd.conf, put the following:
This Perl module should be invoked whenever the CodeRed or
CodeRed2 worm attacks. We don't have to worry about such attacks
on Linux boxes, but we can be good Internet citizens, warning the
webmasters on infected machines of the problem and how to solve
If the remote IP address fails a reverse DNS lookup, we don't send
e-mail to anyone associated with that host. (We do, however,
submit the IP address to SecurityFocus.) It would be nice to
automatically determine which ISP is responsible for a particular
IP address, and contact them automatically.
You may distribute this module under the same license as Perl itself.
Reuven M. Lerner, email@example.com
Thanks to Randal Schwartz, David Young, and Salve J. Nilsen for